Drop trust password, add peer relation for lxd migration support

config.yaml

@@ -6,10 +6,6 @@ options:
       Repository from which to install LXD.  May be one of the following:
       distro (default), ppa:somecustom/ppa, a deb url sources entry,
       or a supported release pocket
-  trust-password:
-    type: string
-    default: password
-    description: Password to set for the LXD server.
   block-device:
     type: string
     default:

hooks/lxd_hooks.py

@@ -10,6 +10,7 @@ from charmhelpers.core.hookenv import (
     log,
     unit_get,
     relation_set,
+    relation_get,
 )
 
 from charmhelpers.core.host import (
@@ -22,6 +23,8 @@ from lxd_utils import (
     install_lxd_source,
     configure_lxd_source,
     configure_lxd_block,
+    lxd_trust_password,
+    configure_lxd_remote,
 )
 
 from charmhelpers.fetch import (
@@ -54,16 +57,28 @@ def config_changed():
     configure_lxd_block()
 
 
-@hooks.hook('lxd-relation-joined')
-def relation_joined(rid=None):
+@hooks.hook('lxd-relation-joined',
+            'lxd-migration-relation-joined')
+def lxd_relation_joined(rid=None):
     settings = {}
-    settings['lxd_password'] = config('trust-password')
-    settings['lxd_hostname'] = unit_get('private-address')
-    settings['lxd_address'] = gethostname()
+    settings['lxd_password'] = lxd_trust_password()
+    settings['lxd_hostname'] = gethostname()
+    settings['lxd_address'] = unit_get('private-address')
     relation_set(relation_id=rid,
                  relation_settings=settings)
 
 
+@hooks.hook('lxd-migration-relation-changed')
+def lxd_migration_relation_changed():
+    settings = {
+        'password': relation_get('lxd_password'),
+        'hostname': relation_get('lxd_hostname'),
+        'address': relation_get('lxd_address'),
+    }
+    if all(settings):
+        configure_lxd_remote(settings)
+
+
 def main():
     try:
         hooks.execute(sys.argv)

hooks/lxd_utils.py

@@ -2,7 +2,7 @@ import glob
 import pwd
 import os
 
-from subprocess import call, check_call
+from subprocess import call, check_call, check_output
 
 from charmhelpers.core.templating import render
 from charmhelpers.core.hookenv import (
@@ -10,6 +10,7 @@ from charmhelpers.core.hookenv import (
     config,
     ERROR,
 )
+from charmhelpers.core.unitdata import kv
 from charmhelpers.core.host import (
     add_group,
     add_user_to_group,
@@ -17,6 +18,7 @@ from charmhelpers.core.host import (
     mount,
     service_stop,
     service_start,
+    pwgen,
 )
 from charmhelpers.contrib.storage.linux.utils import (
     is_block_device,
@@ -54,6 +56,7 @@ LXD_SOURCE_PACKAGES = [
 
 LXD_GIT = 'github.com/lxc/lxd'
 DEFAULT_LOOPBACK_SIZE = '10G'
+PW_LENGTH = 16
 
 
 def install_lxd():
@@ -194,3 +197,26 @@ def determine_packages():
 
 def filesystem_mounted(fs):
     return call(['grep', '-wqs', fs, '/proc/mounts']) == 0
+
+
+def lxd_trust_password():
+    db = kv()
+    if not db.get('lxd-password'):
+        db.set('lxd-password', pwgen(PW_LENGTH))
+    return db.get('lxd-password')
+
+
+def configure_lxd_remote(settings):
+    cmd = ['lxc', 'remote', 'list']
+    output = check_output(cmd)
+    if settings['hostname'] not in output:
+        cmd = ['lxc', 'remote', 'add',
+               settings['hostname'],
+               settings['address'],
+               '--accept-certificate',
+               '--password={}'.format(settings['password'])]
+    else:
+        cmd = ['lxc', 'remote', 'set-url',
+               settings['hostname'],
+               settings['address']]
+    check_call(cmd)

metadata.yaml

@@ -7,6 +7,9 @@ tags:
   - misc
   - openstack
 subordinate: true
+peer:
+  lxd-migration:
+    interface: lxd-migration
 provides:
   lxd:
     interface: containers